環境準備
1、首先規劃網絡
外部網絡
公共網絡,外部或Internet可以訪問的網絡
內部網絡
私有網絡,僅內部訪問的網絡
管理網絡,用於OpenStack組件以及MySQL DB Server, RabbitMQ messaging server之間的通信
2、openstack部署 - 硬件要求
實驗環境:至少兩臺機器。
控制節點:
Controller Node: 1 processor, 2 GB memory, and 5 GB storage
計算節點:
Compute Node: 1 processor, 2 GB memory, and 10 GB storage
有條件的可以單獨一臺
網絡節點:Network Node: 1 processor, 512MB memory, and 5 GB storage
我這裏把網絡配置在控制節點
注:安裝虛擬機要記得開啓cpu虛擬化,系統Centos 7,2塊網卡(NAT和僅主機)
NAT提供網絡;僅主機用於遠程管理
3、openstack部署 - 前期準備
臨時關閉selinux
setenforce 0
關閉iptables
systemctl stop firewalld #停止服務
systemctl disable firewalld #取消開機啓動
關閉NetworkManager
systemctl stop NetworkManager
systemctl disable NetworkManager
4、網卡配置
控制節點
NAT網卡
TYPE=Ethernet BOOTPROTO=static #改爲static靜態獲取ip DEFROUTE=yes PEERDNS=yes #yes會修改/etc/resolv.conf配置的DNS,no不會 PEERROUTES=yes NAME=eno16777736 UUID=634a4cf5-5b85-422d-88b7-cb7df0d35841 DEVICE=eno16777736 ONBOOT=yes #改爲yes IPADDR0=192.168.100.20 PREFIXP0=24 GATEWAY0=192.168.100.1 DNS1=8.8.8.8 DNS2=8.8.4.4
僅主機網卡
TYPE=Ethernet BOOTPROTO=static DEFROUTE=yes PEERDNS=yes PEERROUTES=yes NAME=eno33554984 DEVICE=eno33554984 ONBOOT=yes IPADDR0=192.168.10.20 PREFIXP0=24 GATEWAY0=192.168.10.1
計算節點
NAT網卡
TYPE=Ethernet BOOTPROTO=static DEFROUTE=yes PEERDNS=yes PEERROUTES=yes NAME=eno16777736 UUID=634a4cf5-5b85-422d-88b7-cb7df0d35841 DEVICE=eno16777736 ONBOOT=yes IPADDR0=192.168.100.21 PREFIXP0=24 GATEWAY0=192.168.100.1 DNS1=8.8.8.8 DNS2=8.8.4.4
僅主機網卡
TYPE=Ethernet BOOTPROTO=static DEFROUTE=yes PEERDNS=yes PEERROUTES=yes NAME=eno33554984 DEVICE=eno33554984 ONBOOT=yes IPADDR0=192.168.10.21 PREFIXP0=24 GATEWAY0=192.168.10.1
配置完後重啓網絡
systemctl restart network
5、兩臺機器,設置hostname
hostnamectl set-hostname controller
hostnamectl set-hostname compute
vim /etc/hostname
編輯/etc/hosts:
192.168.10.20 controller #控制節點
192.168.10.21 compute #計算節點
6、同步時間:
controller上:
yum install -y chrony
vim /etc/chrony.conf
增加或更改:allow 192.168.100.0/24
systemctl enable chronyd.service #設置開機啓動
systemctl start chronyd.service #啓動服務,也支持stop ,restart
compute上:
yum install -y chrony
vim /etc/chrony.conf
增加或更改: server controller iburst
systemctl enable chronyd.service
systemctl start chronyd.service
查看時間同步源:# chronyc sources -v
[root@compute ~]# chronyc sources -v 210 Number of sources = 5 .-- Source mode '^' = server, '=' = peer, '#' = local clock. / .- Source state '*' = current synced, '+' = combined , '-' = not combined, | / '?' = unreachable, 'x' = time may be in error, '~' = time too variable. || .- xxxx [ yyyy ] +/- zzzz || Reachability register (octal) -. | xxxx = adjusted offset, || Log2(Polling interval) --. | | yyyy = measured offset, || \ | | zzzz = estimated error. || | | \ MS Name/IP address Stratum Poll Reach LastRx Last sample =============================================================================== ^x 202.118.1.130 2 10 377 959 +54386s[ +443us] +/- 28ms ^- news.neu.edu.cn 2 6 377 13 +6006us[-54386s] +/- 28ms ^- controller 3 6 375 16 +6111us[+6111us] +/- 30ms ^+ time6.aliyun.com 2 6 377 19 +62ms[ +62ms] +/- 87ms ^* ntp3.aliyun.com 2 6 377 17 +1295us[+1146us] +/- 37ms 此處顯示爲5個源,如果開啓外網的話可能時間不同步,我們可以只配置本地時間源controller其他註釋掉
部署階段
配置yum源和更新
1、安裝openstack的yum源
兩個機器上都操作
yum install -y centos-release-openstack-liberty
2.升級所有的包(兩個機器上都操作)
yum upgrade ####結束後重啓系統reboot
3、安裝openstack 客戶端和openstack-selinux
yum install -y python-openstackclient openstack-selinux
controller應用部署
1、sql服務安裝(MariaDB)【控制節點】
MariaDB數據庫管理系統是MySQL的一個分支,主要由開源社區在維護,採用GPL授權許可。開發這個分支的原因之一是:甲骨文公司收購了MySQL後,有將MySQL閉源的潛在風險,因此社區採用分支的方式來避開這個風險。
yum install -y mariadb mariadb-server MySQL-python
編輯配置文件
vi /etc/my.cnf.d/mariadb_openstack.cnf //加入下面內容
[mysqld] bind-address = 192.168.100.20 #設置 bind-address 爲控制節點管理網絡ip地址,使能通過管理網絡訪問其它節點 default-storage-engine = innodb innodb_file_per_table collation-server = utf8_general_ci init-connect = 'SET NAMES utf8' character-set-server = utf8 啓動mariadb:systemctl enable mariadb.service #加入開機啓動 systemctl start mariadb.service #啓動服務
安全配置,設置root密碼
命令行執行:mysql_secure_installation
設置root密碼爲:root
2、安裝nosql(mongodb服務)
nosql數據庫被Telemetry service用到,(Telemetry 是redhat公司主導開發的一個openstack組件,用來做監控的)
在這裏我們安裝的是mongodb,不是必須的。
yum install -y mongodb-server mongodb
編輯配置文件 vi /etc/mongod.conf //更改如下配置
bind_ip = 192.168.100.20 smallfiles = true
啓動服務
systemctl enable mongod.service
systemctl start mongod.service
3、安裝消息隊列服務【控制節點】
rabbitmq消息隊列服務在openstack中起到非常關鍵的作用,它好比是一個交通樞紐,各個組件之間的通信由它來完成。
yum install -y rabbitmq-server
啓動rabbitmq-server服務
systemctl enable rabbitmq-server
systemctl start rabbitmq-server
添加openstack用戶
rabbitmqctl add_user openstack openstackpasswd
// 密碼 openstackpasswd用戶名爲openstack
爲openstack用戶授權
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
[root@controller ~]# rabbitmqctl add_user openstack openstackpasswd Creating user "openstack" ... [root@controller ~]# rabbitmqctl set_permissions openstack ".*" ".*" ".*" Setting permissions for user "openstack" in vhost "/" ... [root@controller ~]# ###允許openstack用戶可以配置,可以寫,可以讀
rabbitmqctl命令使用:
rabbitmqctl --help #查看命令幫助 add_user <username> <password> delete_user <username> change_password <username> <newpassword> clear_password <username> list_users
4、增加identity - keystone【控制節點】
Keystone V3 簡介
Keystone 中主要涉及到如下幾個概念:User、Tenant、Role、Token。下面對這幾個概念進行簡要說明。
User:顧名思義就是使用服務的用戶,可以是人、服務或者是系統,只要是使用了 Openstack 服務的對象都可以稱爲用戶。
Tenant:租戶,可以理解爲一個人、項目或者組織擁有的資源的合集。在一個租戶中可以擁有很多個用戶,這些用戶可以根據權限的劃分使用租戶中的資源。
Role:角色,用於分配操作的權限。角色可以被指定給用戶,使得該用戶獲得角色對應的操作權限。
Token:指的是一串比特值或者字符串,用來作爲訪問資源的記號。Token 中含有可訪問資源的範圍和有效時間。
Keystone 和其它 OpenStack 服務之間是如何交互和協同工作的?首先用戶向 Keystone 提供自己的身份驗證信息,如用戶名和密碼。Keystone 會從數據庫中讀取數據對其驗證,如驗證通過,會向用戶返回一個 token,此後用戶所有的請求都會使用該 token 進行身份驗證。如用戶向 Nova 申請虛擬機服務,nova 會將用戶提供的 token 發給 Keystone 進行驗證,Keystone 會根據 token 判斷用戶是否擁有進行此項操作的權限,若驗證通過那麼 nova 會向其提供相對應的服務。其它組件和 Keystone 的交互也是如此
具體介紹:http://www.ibm.com/developerworks/cn/cloud/library/1506_yuwz_keystonev3/index.html
登陸mysql,創建數據庫
mysql -uroot -proot >create database keystone; >GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY ‘keystone'; >GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';
說明,創建一個keystone庫,並且授權給keystone用戶所有權限,密碼爲keystone
安裝相關的包
yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached
啓動memcached服務
systemctl enable memcached.service
systemctl start memcached.service
編輯keystone配置文件
//修改或增加配置如下
admin_token密碼爲123456
[DEFAULT] admin_token = 123456 verbose = true [database] connection = mysql://keystone:keystone@controller/keystone [memcache] servers = localhost:11211 [token] provider = uuid driver = memcache [revoke] driver = sql
導入keystone相關的數據
su -s /bin/sh -c "keystone-managedb_sync" keystone
這裏會有個提示 No handlers could be found for logger"oslo_config.cfg" 忽略它,不影響。
注意:這個報錯後面導入數據會出現多次
檢查有沒有正常導入數據:
[root@controller ~]# mysql -ukeystone -pkeystone -hcontroller -t keystone -e "show tables"
看是否有列出表來,如果是空,說明沒有成功導入數據
配置apache
先編輯配置文件/etc/httpd/conf/httpd.conf
增加或更改
ServerName controller
配置apache
先編輯配置文件 /etc/httpd/conf/httpd.conf
增加或更改
ServerName controller
編輯配置文件 vi /etc/httpd/conf.d/wsgi-keystone.conf 內容如下
Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
<IfVersion >= 2.4>
ErrorLogFormat "%{cu}t %M"
</IfVersion>
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
</VirtualHost>啓動apache
systemctl enable httpd.service
systemctl start httpd.service
設置環境變量:
vim /etc/profile
export OS_TOKEN=123456 #配置token export OS_URL=http://controller:35357/v2 #配置 endpoint URL: export OS_IDENTITY_API_VERSION=3 source /etc/profile
然後創建服務實例
openstack service create --name keystone --description "OpenStack Identity" identity
[root@controller ~]# openstack service create --name keystone --description "OpenStack Identity" identity +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Identity | | enabled | True | | id | c43988e2db85465ab49c065dac5ee3c8 | | name | keystone | | type | identity | +-------------+----------------------------------+ [root@controller ~]#
創建端點
openstack endpoint create --region RegionOne identity public http://controller:5000/v2.0
openstack endpoint create --region RegionOne identity internal http://controller:5000/v2.0
openstack endpoint create --region RegionOne identity admin http://controller:35357/v2.0
[root@controller ~]# openstack endpoint create --region RegionOne identity public http://controller:5000/v2.0 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 2347aed007ca49fe845e4ee7940689b4 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | fc4f17f8b9604286903bd324b40b8016 | | service_name | keystone | | service_type | identity | | url | http://controller:5000/v2.0 | +--------------+----------------------------------+ [root@controller ~]# [root@controller ~]# openstack endpoint create --region RegionOne identity internal http://controller:5000/v2.0 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | e049b49ff24646ee95bfcbe8addcfbff | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | fc4f17f8b9604286903bd324b40b8016 | | service_name | keystone | | service_type | identity | | url | http://controller:5000/v2.0 | +--------------+----------------------------------+ [root@controller ~]# [root@controller ~]# openstack endpoint create --region RegionOne identity admin http://controller:35357/v2.0 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | ef867ab9497d4aeab1c0c0b088fbf901 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | fc4f17f8b9604286903bd324b40b8016 | | service_name | keystone | | service_type | identity | | url | http://controller:35357/v2.0 | +--------------+----------------------------------+ [root@controller ~]#
創建租戶(tenants)、用戶以及角色
創建admin 租戶
openstack project create --domain default --description "Admin Project" admin
[root@controller ~]# openstack project create --domain default --description "Admin Project" admin +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Admin Project | | domain_id | default | | enabled | True | | id | ed1396bac8b14d969693e7f019dd5230 | | is_domain | False | | name | admin | | parent_id | None | +-------------+----------------------------------+ [root@controller ~]#
創建admin用戶 (密碼爲adminpasswd)
openstack user create --domain default --password-prompt admin
[root@controller ~]# openstack user create --domain default --password-prompt admin User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | default | | enabled | True | | id | 28d7c214bffb4e37ad10d734d156d067 | | name | admin | +-----------+----------------------------------+ [root@controller ~]#
創建admin角色
openstack role create admin
[root@controller ~]# openstack role create admin +-------+----------------------------------+ | Field | Value | +-------+----------------------------------+ | id | d1297a61aba6462e9a6feea1542fcef3 | | name | admin | +-------+----------------------------------+ [root@controller ~]#
添加admin角色到admin租戶和用戶
openstack role add --project admin --user admin admin
下面我們再來創建一個service 租戶
openstack project create --domain default --description "Service Project" service
[root@controller ~]# openstack project create --domain default --description "Service Project" service +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | Service Project | | domain_id | default | | enabled | True | | id | e01123d140d248bfbbc21aa844453079 | | is_domain | False | | name | service | | parent_id | None | +-------------+----------------------------------+ [root@controller ~]#
創建demo租戶
openstackproject create --domain default --description "Demo Project" demo
[root@controller~]# openstack project create --domain default --description "Demo Project" demo +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description |Demo Project | | domain_id | default | | enabled | True | | id | 178c99209e43429b90fb4b638e29450d | | is_domain | False | | name | demo | | parent_id | None | +-------------+----------------------------------+ [root@controller ~]#
創建demo用戶 (密碼demopasswd)
openstack user create --domain default --password-prompt demo
[root@controller ~]# openstack user create --domain default --password-prompt demo User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | default | | enabled | True | | id | c29d410611ba4e918d71a4edb64688b6 | | name | demo | +-----------+----------------------------------+ [root@controller ~]#
創建角色user
openstack role create user
[root@controller~]# openstack role create user +-------+----------------------------------+ | Field |Value | +-------+----------------------------------+ | id | 2f304e27f0fb401a9425cf4644179fb5 | | name | user | +-------+----------------------------------+ [root@controller~]#
添加user角色到demo租戶和demo用戶
openstack role add --project demo --user demo user
[root@controller~]# openstack role add --project demo --user demo user
驗證admin用戶和demo用戶是否能正常登陸
首先做一個安全設置:
vim /usr/share/keystone/keystone-dist-paste.ini
搜索admin_token_auth, 從[pipeline:public_api], [pipeline:admin_api]和[pipeline:api_v3]中,把admin_token_auth去掉,例如把
pipeline = sizelimit url_normalize request_id build_auth_context token_auth admin_token_auth json_body ec2_extension user_crud_extension public_service
改爲
pipeline = sizelimit url_normalize request_id build_auth_context token_auth json_body ec2_extension user_crud_extension public_service
取消環境變量OS_TOKEN和OS_URL
unset OS_TOKEN OS_URL
然後再登陸admin和demo用戶
openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password token issue
密碼:adminpasswd
#作爲管理員,請求身份驗證令牌 [root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password token issue Password: +------------+----------------------------------+ | Field | Value | +------------+----------------------------------+ | expires | 2016-09-20T20:04:51.066434Z | | id | d433ed7af41c45ba96ab29daa28eb773 | | project_id | ed1396bac8b14d969693e7f019dd5230 | | user_id | 28d7c214bffb4e37ad10d734d156d067 | +------------+----------------------------------+ [root@controller ~]# #作爲admin用戶,列出用戶作爲admin覈實admin可以執行 admin-only CLI 命令 [root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password project list Password: +----------------------------------+---------+ | ID | Name | +----------------------------------+---------+ | 578b3676606a4d818a917bf8cfe46d4c | service | | 5c007739446b44eebab043e2573021b1 | admin | | ab6fd0b354444bf58db83cb998fd96dd | demo | +----------------------------------+---------+ #作爲admin用戶,列出用戶覈實認證服務 [root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password user list Password: +----------------------------------+-------+ | ID | Name | +----------------------------------+-------+ | 142eddcf802943259efe69a4dbc0160d | admin | | 7b33d224785141a3a0539f0c89e02be9 | demo | +----------------------------------+-------+ #作爲 admin 用戶, 列出角色驗證keystone服務 [root@controller ~]# openstack --os-auth-url http://controller:35357/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name admin --os-username admin --os-auth-type password role list Password: +----------------------------------+-------+ | ID | Name | +----------------------------------+-------+ | 442849323ab940eab00b498e12d12faf | admin | | 93bee9c6e43b49b7861bd1d46b1b496b | user | +----------------------------------+-------+ [root@controller ~]#
openstack --os-auth-urlhttp://controller:5000/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name demo --os-username demo--os-auth-type password token issue
密碼:demopasswd
[root@controller ~]# openstack --os-auth-url http://controller:5000/v3 --os-project-domain-id default --os-user-domain-id default --os-project-name demo --os-username demo --os-auth-type password token issue Password: +------------+----------------------------------+ | Field | Value | +------------+----------------------------------+ | expires | 2016-09-20T20:06:35.853825Z | | id | 6ce859278e6f4a86a4b4e45043d7d323 | | project_id | 178c99209e43429b90fb4b638e29450d | | user_id | c29d410611ba4e918d71a4edb64688b6 | +------------+----------------------------------+ [root@controller ~]#
驗證操作
創建openstack客戶端腳本1
vim admin-openrc.sh //內容
export OS_PROJECT_DOMAIN_ID=default export OS_USER_DOMAIN_ID=default export OS_PROJECT_NAME=admin export OS_TENANT_NAME=admin export OS_USERNAME=admin export OS_PASSWORD=adminpasswd export OS_AUTH_URL=http://controller:35357/v3 export OS_IDENTITY_API_VERSION=3
執行腳本
source admin-openrc.sh
申請認證令牌
openstack token issue
[root@controller ~]# source admin-openrc.sh [root@controller ~]# openstack token issue +------------+----------------------------------+ | Field | Value | +------------+----------------------------------+ | expires | 2016-09-24T13:26:54.555394Z | | id | 982acc74994e46af8f9cc07520467145 | | project_id | 5c007739446b44eebab043e2573021b1 | | user_id | 142eddcf802943259efe69a4dbc0160d | +------------+----------------------------------+ [root@controller ~]#
創建openstack客戶端腳本2
vim demo-openrc.sh //內容
export OS_PROJECT_DOMAIN_ID=default export OS_USER_DOMAIN_ID=default export OS_PROJECT_NAME=demo export OS_TENANT_NAME=demo export OS_USERNAME=demo export OS_PASSWORD=demopasswd export OS_AUTH_URL=http://controller:5000/v3 export OS_IDENTITY_API_VERSION=3
執行腳本
source demo-openrc.sh
申請認證令牌
openstack token issue
[root@controller ~]# source demo-openrc.sh [root@controller ~]# openstack token issue +------------+----------------------------------+ | Field | Value | +------------+----------------------------------+ | expires | 2016-09-24T13:29:47.081067Z | | id | 1ed0c7b57e4c4f18aa1a3603d27b9067 | | project_id | ab6fd0b354444bf58db83cb998fd96dd | | user_id | 7b33d224785141a3a0539f0c89e02be9 | +------------+----------------------------------+ [root@controller ~]#
增加image - 前期準備
image又叫做glance,是用來管理鏡像的一個組件,我們用鏡像來安裝操作系統。glance支持讓用戶自己管理自定義鏡像。
創建glance庫和用戶
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance'; Query OK, 0 rows affected (0.04 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]>
執行 admin-openrc.sh 腳本 source admin-openrc.sh
創建glance用戶(密碼爲glancepasswd)
[root@controller ~]# source admin-openrc.sh [root@controller ~]# openstack user create --domain default --password-prompt glance User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | default | | enabled | True | | id | 56a44e9333a34d3e8a7479bfa29955d4 | | name | glance | +-----------+----------------------------------+ [root@controller ~]#
把admin角色添加到glance用戶和service租戶
openstack role add --project service --user glance admin
創建glance服務實體
openstack service create --name glance --description "OpenStack Image service" image
[root@controller ~]# openstack role add --project service --user glance admin [root@controller ~]# openstack service create --name glance --description "OpenStack Image service" image +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Image service | | enabled | True | | id | b78d1bdf00924090be3b995e8e1b37e7 | | name | glance | | type | image | +-------------+----------------------------------+ [root@controller ~]#
創建image服務api 端點
openstack endpoint create --region RegionOne image public http://controller:9292
[root@controller profile.d]# openstack endpoint create --region RegionOne image public http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | d12aa53e769442bcb4bfd75ca75bbad0 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | efaa9c047adf4eb58ef2f1576e432a12 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@controller profile.d]#
openstack endpoint create --region RegionOne image internal http://controller:9292
[root@controller profile.d]# openstack endpoint create --region RegionOne image internal http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | d3add6d0b0614e88a4adde93653b8b29 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | efaa9c047adf4eb58ef2f1576e432a12 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@controller profile.d]#
openstack endpoint create --region RegionOne image admin http://controller:9292
[root@controller profile.d]# openstack endpoint create --region RegionOne image admin http://controller:9292 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 95a77b2444c74cc0bb135fde881ac453 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | efaa9c047adf4eb58ef2f1576e432a12 | | service_name | glance | | service_type | image | | url | http://controller:9292 | +--------------+----------------------------------+ [root@controller profile.d]#
接openstack部署(二)http://xulianglinux.blog.51cto.com/8001428/1855385 點擊鏈接跳轉